The present invention is generally related to cryptographic ignition keys (CIKs), and more specifically related to removable cryptographic ignition keys.
Information contained on processors, such as laptop computers and programmable digital assistants (PDAs), is often as valuable, if not more valuable, to a user/owner of the processor than the processor itself. Thus, it is often desirable to deny access to information contained on the processor to unauthorized users. One way to accomplish this is through the use of a cryptographic ignition key (CIK). A CIK facilitates the prevention of unauthorized access to a processor thus protecting internally stored information. When the CIK is inserted into the processor, secure operations are allowed. When the CIK is removed from the processor, secure operations are disallowed.
However, a problem particularly associated with portable processors (e.g., laptop computers, PDAs, and military handheld radios used to conduct secure communications), is that it is possible to misplace the processor, or the processor may be stolen, with the CIK in the processor. This is more likely to happen in situations where the user of the processor expects to be separated from the processor for only a short period of time, and thus does not feel a need to extract the CIK. Examples of such situations include, a user leaving the room where the processor is located to take a short break (e.g., get a drink, smoke a cigarette, go to the bathroom), a user leaving a laptop computer on a chair at the airport, a user placing a laptop on the conveyer belt of an X-ray machine at an airport security checkpoint, or a soldier leaving a military handheld radio in the field. An unauthorized user, stumbling upon, or intentionally taking, a processor having the CIK installed, may wreak havoc with the secure information on the processor. An improved system and method for utilizing a CIK is desired.
In one embodiment, a system for conducting secure operations utilizing a removable cryptographic ignition key (CIK), includes the removable CIK, a processor, and a proximity detector. The processor is configured to receive the removable CIK. Secure operations are enabled subsequent to receiving the removable CIK. The proximity detector is configured to determine a distance between the removable CIK and the processor. Secure operations are enabled while the removable CIK is within a predetermined distance of the processor, and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.
In another embodiment, a method for conducting secure operations utilizing a removable cryptographic ignition key (CIK), a processor, and a proximity detector, includes receiving the removable CIK by the processor, wherein secure operations are enabled subsequent to receipt of the removable CIK by the processor. It is determined if a distance between the removable CIK and the processor has exceeded a predetermined distance. Secure operations are enabled while said removable CIK is within the predetermined distance of the processor and secure operations are disabled when a distance between the removable CIK and the processor is greater than the predetermined distance.